Anonymous wrote:


>> Which is wrong again. For all those FDE products which use CBC
>> mode, the swap file is likely to contain an IV, which leaks the
>
> Which doesn't matter one fucking bit because unless it's mounted,
> it's encrypted.

>

> What an idiot.


The only idiot here is you, because you can't read. The fact that data is
leaked even though the pagefile is on the encrypted volume is exactly the issue!

>> first block of data for every CBC block. For LRW, swapping out an
>> empty page with the LRW tweak key at the beginning or the end
>> will allow an attacker to retrieve the LRW tweak, and therefore
>> distinguishing the encrypted volume from random data. For ESSIV
>> it's the same.